Balancing GDPR and the need for connected healthcare

General Data Protection Regulation (GDPR) is upon us – the change in the law that applies to all companies processing data of EU citizens, across all sectors and industries.  

As a citizen, I’ve welcomed the law with enthusiastic applause as it means I get more control over my own data and more transparency in the way it is processed. This regulation gives me, as an individual, ‘digital rights’ - very timely given recent data sharing concerns and scandals.   

Whilst that is my personal view, as a professional working for a global health and care technology company like Cerner, my thoughts are more nuanced. Staying abreast of data protection regulations with evolving policy is a constant balance between our mission to improve health and care through interoperable and intelligent systems, and a commitment to protect patient data and a person’s right to privacy. The journey to data protection compliance has been challenging in many ways, often with a lack of clarity about how to interpret and apply the regulation’s direction.  

Sharing information to drive change 

Patients that want a connected care experience expect their full care team to have access to the right information at the right time. It is certain that effective sharing of data enables better care delivery, enhanced decision making, improved outcomes and a positive patient experience – all benefits that the majority of citizens would appreciate. We know that a single source of truth is essential to all of these things, and intelligently engaging the population can truly manage citizens’ health.  

Organisations are now appreciating the shared need to deliver more proactive and preventative care using innovative technology and intelligence. However, no innovation is without its challenges, and data is a key component of this one. Patient, medical, health and care data must be shared and used safely, properly, and confidentially. With new and evolving technology, ever more sophisticated cyber threats, and widely variable public perception, GDPR, data sharing and consent are arguably the greatest challenges for organisations wishing to innovate, integrate health and care, and truly manage the wellbeing of their population in this digital age. 

Further challenges arise when the data sharing plays a wider role than just direct patient care. With intelligence, it can improve service planning, predict outcomes and reduce risk, inform finances and support research. When applicable, there must be consideration given to de-identifying and anonymising data to protect the citizens’ right to privacy – and this needs clarity over what activities constitute ‘direct care’ and what doesn’t, and when explicit consent is required. 

All about communication 

An inherent fear remains over privacy, data protection and potentially misuse, a fear that risks stifling innovation, and hindering intelligent population health management.  

Through GDPR, data controllers have an opportunity to re-engage with the public, and be open and transparent about their processes and purpose. We have found that transparency is key. Informing the public of the purpose, intentions and benefits can make the difference, while opting out when the data use purpose changes for secondary reasons other than direct care needs rapid clarification for both professionals and the public. 

Using data, the right way 

GDPR has far-reaching implications, and no one has all of the answers yet. However, all organisations must work in partnership with each other and their communities to enable data to be stored and transferred securely across the health and care system regardless of its location. Data should be visible to all approved persons aligned with an intended use. Data should be interpreted by the right professionals in the right moment and ultimately, patient data belongs to the citizen.  

These are the principles that Cerner commits to while working with our clients on population health management. We work in partnerships driven by mutual trust, transparency and commitment to citizens’ best interest – and helping the health and social care system be the best it can be.    

For more from techUK Data Protection Week, visit our landing page. 


Come and join us for this year’s Justice and Emergency Services Drinks Reception #techUKJESDrinks on 30 Oct. Sponso…
Join us at @OxfordSBS for our event: Accelerating #Connected & #autonomus vehicles uptake on our roads on 22 Novem…
@brtnz @intel Hi @brtnz - thanks for flagging. We are looking in to this now for you.
Can analytics help fight social isolation? Adrian Woolmore from @CapitaTS discusses the potential use of predictive…
Will recent political developments – including Brexit and the Trump presidency – lead to longer-term protectionist…
Although the UK is a hotbed of tech innovation, @G_Derrington @techUK spoke to @Telegraph about how access to skill…
October, 24 is #Turkish tech day @techUK. Join the conversation and sign-up here: #technology #techTR @pekcan
Our #localgov programme manager @GeorginaMarath explores what the council of the future could look like & just how…